US-11290252

Compression and homomorphic encryption in secure query and analytics

Published: March 29, 2022
Assignee: not available in USPTO data we have
Inventors: not available in USPTO data we have
Technical Abstract

Systems and methods for end-to-end encryption and compression are described herein. A query is encrypted at a client using a homomorphic encryption scheme. The encrypted query is sent to a server where the encrypted query is evaluated over target data to generate encrypted response without decrypting the encrypted query. The result elements of the encrypted response are grouped, co-located, and compressed, without decrypting the encrypted query or the encrypted response. The compressed encrypted response is sent to the client where it is decrypted and decompressed to obtain the results of the query without revealing the query or results to the owner of the target data, an observer, or an attacker.

Patent Claims
18 claims

Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.

Claim 1

Original Legal Text

1. A method comprising: receiving at one or more servers an encrypted analytic from one or more clients, the analytic encrypted using a homomorphic encryption scheme, the analytic comprising a query; evaluating the encrypted analytic over a target data source without decrypting the encrypted analytic; grouping similar result elements of encrypted analytic evaluation; compressing the groups of similar result elements; evaluating the encrypted analytic over each of the compressed groups of result elements to generate an encrypted response, without decrypting the encrypted response and without decrypting the encrypted analytic; and sending the encrypted response from the one or more servers to the one or more clients for decompression and decryption at the one or more clients.

Plain English Translation

This claim covers secure analytics over a target data source using homomorphic encryption. The problem addressed is letting a client run a query against data held by another party without that party, or anyone on the network, learning the query or its results. One or more servers receive an analytic from one or more clients; the analytic contains a query and has been encrypted under a homomorphic encryption scheme. The server evaluates the encrypted analytic over the target data source without decrypting it, which is what homomorphic encryption makes possible: computing on ciphertexts yields encrypted results. The resulting, still encrypted, result elements are grouped by similarity, the groups are compressed, and the encrypted analytic is evaluated again over the compressed groups to produce the encrypted response, with neither the analytic nor the response ever being decrypted on the server. The response goes back to the client, which holds the key and decrypts and then decompresses it. Note what is and is not protected: the target data may sit in plaintext on the server, since it belongs to the server's operator; what the server never sees in the clear is the query and the results. Grouping and compressing the encrypted result elements reduces the volume of ciphertext the second evaluation has to process and that has to be sent back to the client.

Claim 2

Original Legal Text

2. The method of claim 1 , further comprising co-locating two or more result elements of the target data source on a same server.

Plain English Translation

Claim 2 adds that two or more result elements of the target data source are co-located on the same server. Where the target data is spread over several servers, the grouping and compression of encrypted result elements in claim 1 is simpler when the elements that will be grouped together already sit on one machine, so no ciphertexts have to be moved between servers before they are compressed and evaluated again.

Claim 3

Original Legal Text

3. The method of claim 1 , further comprising co-locating two or more groups of result elements on a server based on a probability that the result elements are similar.

Plain English Translation

Claim 3 adds co-location of whole groups of result elements on a server, with the placement chosen according to a probability that the result elements are similar. Groups that are likely to be similar are put on the same server so that they can be compressed and evaluated together without cross-server transfers. The claim does not say how that probability is computed; any method that yields a similarity estimate would fall within its wording.

Claim 4

Original Legal Text

4. The method of claim 1 , further comprising converting the grouped result elements into byte streams.

Plain English Translation

Claim 4 adds that the grouped result elements are converted into byte streams. Serialising a group of encrypted result elements into one byte stream is the natural precursor to compressing it and to sending it over a network; the claim does not restrict the serialisation format.

Claim 5

Original Legal Text

5. The method of claim 1 , wherein grouping the result elements of the target data source is based on a probability that the result elements are similar.

Plain English Translation

Claim 5 specifies that the grouping in claim 1 is driven by a probability that the result elements are similar rather than by a fixed rule. One caveat a practitioner should keep in mind: the result elements are ciphertexts, and a semantically secure homomorphic scheme such as Paillier (claim 7) produces ciphertexts that reveal nothing about their plaintexts, so two encryptions of identical results look unrelated. The similarity estimate therefore has to come from something other than the contents of the ciphertexts; the claim leaves open what information the server uses to form it.

Claim 6

Original Legal Text

6. The method of claim 1 , wherein the analytic is a model.

Plain English Translation

Claim 6 covers the case where the analytic is a model rather than a single query, for example a statistical or machine-learning model whose parameters are encrypted by the client and evaluated homomorphically over the target data. With an additively homomorphic scheme such as Paillier (claim 7), the model has to be expressible as sums of plaintext data values multiplied by encrypted parameters, which fits linear models; a model that needs products of two encrypted values would require a scheme with multiplicative homomorphism.

Claim 7

Original Legal Text

7. The method of claim 1 , wherein the homomorphic encryption scheme is Paillier encryption.

Plain English Translation

Claim 7 fixes the homomorphic encryption scheme as Paillier encryption. Paillier is a public-key scheme that is additively homomorphic: multiplying two ciphertexts modulo n² yields an encryption of the sum of their plaintexts, and raising a ciphertext to a plaintext power yields an encryption of the plaintext multiplied by that scalar. It does not support multiplying two ciphertexts together, so the analytic, the grouping and the compression of claim 1 have to be built from additions and plaintext-scalar multiplications. Encryption is randomised and semantically secure under the decisional composite residuosity assumption, so the server learns nothing about the query from the ciphertexts it receives, and two encryptions of the same value are indistinguishable. Paillier provides confidentiality only: nothing in the scheme stops a misbehaving server from returning an encryption of the wrong value, and the claim does not address integrity of the response.

Claim 8

Original Legal Text

8. The method of claim 1 , wherein the analytic is a chain of a series of operations to be performed over the target data source.

Plain English Translation

Claim 8 covers an analytic that is a chain of operations applied in sequence over the target data source, with the encrypted output of one operation feeding the next. Under claim 1 the whole chain is evaluated without decryption, so each operation in the chain has to be one the chosen homomorphic scheme supports; with Paillier that means additions and multiplications by plaintext values, for example a filter expressed as encrypted 0/1 weights followed by a sum.

Claim 9

Original Legal Text

9. The method of claim 1 , wherein the analytic is received from the one or more clients via the Internet.

Plain English Translation

Claim 9 states that the encrypted analytic reaches the server from the clients over the Internet. This is the ordinary deployment: the client encrypts the analytic locally and transmits it over a network it does not control, and because the analytic is already encrypted under the client's key before it leaves the client, an observer on that network learns nothing about the query from it.

Claim 10

Original Legal Text

10. A system comprising: a client processor configured to execute instructions stored in memory for performing the following steps: encrypting an analytic using a homomorphic encryption scheme and an encryption key, wherein the analytic comprises a query, sending the encrypted analytic to a server without the encryption key, and decrypting an encrypted response using the homomorphic encryption scheme and the encryption key; and the server configured to: receive the encrypted analytic without the encryption key from the client processor via a network, evaluate the encrypted analytic over a target data source without decrypting the encrypted analytic, group similar result elements of the target data source evaluation, compress the groups of similar result elements, evaluate the encrypted analytic over the compressed groups of result elements to generate an encrypted response, without decrypting the encrypted analytic and without decrypting the encrypted response, and send the encrypted response to the client processor.

Plain English Translation

This invention relates to secure data analytics using homomorphic encryption. The system enables private query processing on remote data sources without exposing raw data or query details. A client processor encrypts an analytic query using a homomorphic encryption scheme and an encryption key, then sends the encrypted query to a server. The server receives and processes the encrypted query over a target data source without decrypting it. The server groups similar result elements from the initial evaluation, compresses these groups, and performs a second evaluation over the compressed data to generate an encrypted response. This approach reduces computational overhead while maintaining data privacy. The encrypted response is sent back to the client, which decrypts it using the original encryption key. The system ensures that neither the server nor intermediate networks can access the original query or data, addressing privacy concerns in cloud-based analytics. The homomorphic encryption allows mathematical operations on encrypted data, enabling accurate results without decryption. The grouping and compression steps optimize performance by reducing the volume of encrypted data processed in subsequent evaluations.

Claim 11

Original Legal Text

11. The system of claim 10 , wherein the server is further configured to co-locate similar result elements from another server.

Plain English Translation

Claim 11 adds that the server co-locates similar result elements held on another server, pulling them onto itself so that the similar elements can be grouped and compressed together as in claim 10 rather than being handled separately on two machines.

Claim 12

Original Legal Text

12. The system of claim 10 , wherein the client processor is further configured to decompress the response after decrypting the encrypted response.

Plain English Translation

Claim 12 adds that the client decompresses the response after decrypting it. The order matters: the compression of claim 10 is applied on the server to encrypted result elements, without decrypting them, so the client has to undo the steps in the opposite order, first decrypting the response with its key and then decompressing the plaintext it obtains. A compressor that ran on plaintext before encryption would not fit this claim.
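To make the mechanics of claims 7, 10 and 12 concrete, here is an added Python example; it is not code from the patent, its assignee, or any product. It implements toy-sized Paillier (key generation, encryption, decryption, the two homomorphic operations), has a client encrypt a one-hot selector as its "analytic", has a server evaluate that selector over plaintext records without learning which record was asked for, and then packs several encrypted results into one ciphertext before the client decrypts and unpacks them in the order claim 12 describes. Reading "compressing a group of encrypted result elements" as packing by homomorphic bit-shifting is an assumption made for illustration, not the patented method, and the function names, the record values and the 256-bit key size are all invented here.

```python
# Added example (not code from the patent or its assignee). Toy Paillier key size:
# demonstrates the mechanics only and must never protect real data.
import secrets
from math import gcd

def _is_probable_prime(n, rounds=24):
    """Miller-Rabin on an odd candidate n > 3."""
    r = ((n - 1) & (1 - n)).bit_length() - 1    # n-1 = d * 2**r with d odd
    d = (n - 1) >> r
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _random_prime(bits):
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1   # odd, full bit length
        if _is_probable_prime(cand):
            return cand

def keygen(bits=256):
    """Return (public key n, private key (lam, mu)) with generator g = n + 1."""
    while True:
        p, q = _random_prime(bits // 2), _random_prime(bits // 2)
        if p != q and gcd(p * q, (p - 1) * (q - 1)) == 1:
            break
    n = p * q
    lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)
    mu = pow(lam, -1, n)        # L((n+1)^lam mod n^2) == lam, so mu = lam^-1 mod n
    return n, (lam, mu)

def encrypt(n, m):
    """c = (1+n)^m * r^n mod n^2 with a fresh random r; two encryptions of m differ."""
    n2 = n * n
    r = secrets.randbelow(n - 1) + 1
    while gcd(r, n) != 1:
        r = secrets.randbelow(n - 1) + 1
    return (pow(n + 1, m, n2) * pow(r, n, n2)) % n2

def decrypt(n, priv, c):
    lam, mu = priv
    n2 = n * n
    return ((pow(c, lam, n2) - 1) // n * mu) % n

def add(n, c1, c2):
    return (c1 * c2) % (n * n)          # E(a) * E(b) == E(a + b)

def mul_plain(n, c, k):
    return pow(c, k, n * n)              # E(a)^k == E(k * a), k a plaintext scalar >= 0

# Client: the "analytic" is a one-hot selector, encrypted element by element.
def encrypted_selector(n, index, count):
    return [encrypt(n, 1 if i == index else 0) for i in range(count)]

# Server: prod E(sel_i)^{d_i} == E(sum sel_i * d_i) == E(d_index), computed over
# plaintext records without ever learning which index the client asked for.
def evaluate_selector(n, enc_selector, records):
    acc = encrypt(n, 0)                  # fresh zero re-randomises the result
    for c, d in zip(enc_selector, records):
        acc = add(n, acc, mul_plain(n, c, d))
    return acc

# Server: pack a group of encrypted results into one ciphertext (assumed meaning of
# "compressing" a group). Needs every value < 2**width and count*width < n.bit_length().
def pack(n, ciphertexts, width):
    acc = encrypt(n, 0)
    for i, c in enumerate(ciphertexts):
        acc = add(n, acc, mul_plain(n, c, 1 << (width * i)))
    return acc

# Client: decrypt first, then unpack, the order claim 12 describes.
def unpack(packed_plain, width, count):
    mask = (1 << width) - 1
    return [(packed_plain >> (width * i)) & mask for i in range(count)]

RECORDS = [17, 42, 99, 7, 1234]         # constructed sample target data, plaintext on the server

def run_demo(query_indexes=(2, 4, 0), width=16, bits=256):
    """Three selector queries answered in one packed ciphertext; returns the recovered values."""
    n, priv = keygen(bits)
    enc_results = [evaluate_selector(n, encrypted_selector(n, j, len(RECORDS)), RECORDS)
                   for j in query_indexes]
    packed = pack(n, enc_results, width)   # one ciphertext on the wire instead of three
    return unpack(decrypt(n, priv, packed), width, len(enc_results))

if __name__ == "__main__":
    print(run_demo())                    # [99, 1234, 17]
```

Two points worth noting from the code. A Paillier ciphertext is always 2·|n| bits no matter how small the plaintext, so packing k bounded results into one ciphertext shrinks the response by roughly a factor of k, which is the kind of saving the grouping and compression steps are after; the packing has to be applied to ciphertexts, which is exactly why the client must decrypt before it can unpack. And the server computes on its own plaintext records while only ever handling the client's ciphertexts, so the selector index stays hidden under Paillier's semantic security, but nothing here lets the client detect a server that returns a well-formed encryption of a wrong value.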

Claim 13

Original Legal Text

13. The system of claim 10 , wherein the server is further configured convert the result elements into byte streams.

Plain English Translation

Claim 13 adds that the server converts the result elements into byte streams, serialising them for the compression and transmission steps of claim 10. The serialisation format is not restricted.

Claim 14

Original Legal Text

14. The system of claim 10 , wherein the result elements are grouped based on a probability that the result elements are similar.

Plain English Translation

Claim 14 mirrors claim 5 in the system claim: the result elements are grouped by a probability that they are similar rather than by a fixed rule. How that probability is computed is not specified.

Claim 15

Original Legal Text

15. A non-transitory computer readable storage media having a program embodied thereon, the program being executable by a processor to perform a method for secure analytics of a target data source, the method comprising: receiving an encrypted analytic from a client via a network, the analytic comprising a query, the analytic encrypted using a homomorphic encryption scheme and a public encryption key, the encrypted analytic received without a corresponding private encryption key; evaluating the encrypted analytic over the target data source to generate encrypted result elements without decrypting the encrypted analytic; grouping similar result elements of the encrypted analytic evaluation without decrypting the result elements; compressing the groups of similar result elements; evaluating the encrypted analytic over the compressed groups of result elements to generate an encrypted response, without decrypting the encrypted analytic and without decrypting the encrypted response; and sending the encrypted response to the client.

Plain English Translation

Claim 15 claims the server-side method as a program on a non-transitory storage medium and spells out the key arrangement: the analytic, which contains a query, is encrypted under a homomorphic encryption scheme with a public key, and the server receives it without the corresponding private key, so it could not decrypt even if it wanted to. The server evaluates the encrypted analytic over the target data source to produce encrypted result elements, groups similar result elements without decrypting them, compresses the groups, evaluates the encrypted analytic over the compressed groups to produce the encrypted response, again without decrypting either the analytic or the response, and sends the response to the client. The data owner running the server keeps its own data but never learns the query or the result; the client, holding the private key, is the only party that can read the response.

Claim 16

Original Legal Text

16. The non-transitory computer readable storage media of claim 15 , the method further comprising co-locating two or more groups of result elements on a server based on a probability that the result elements are similar.

Plain English Translation

Claim 16 adds, for the storage-medium claim, the co-location of claim 3: two or more groups of result elements are placed on a server according to a probability that the result elements are similar, so that similar groups are compressed and evaluated on one machine without cross-server transfers. The claim does not specify how the probability is computed or any threshold for it.

Claim 17

Original Legal Text

17. The non-transitory computer readable storage media of claim 15 , the method further comprising converting the grouped result elements into byte streams.

Plain English Translation

Claim 17 adds, for the storage-medium claim, the byte-stream conversion of claim 4: the grouped result elements are serialised into byte streams, the form in which they are compressed and sent to the client.

Claim 18

Original Legal Text

18. The non-transitory computer readable storage media of claim 15 , wherein grouping the result elements of the target data source is based on a probability that the result elements are similar.

Plain English Translation

Claim 18 adds, for the storage-medium claim, the probabilistic grouping of claim 5: result elements of the target data source are grouped by a probability that they are similar, not by a fixed criterion. The method of estimating similarity is left open.


Patent Metadata

Filing Date

January 19, 2018

Publication Date

March 29, 2022


Citation & reuse

Analysis on this page is generated by Patentable — an AI-powered patent intelligence platform. AI-generated summaries, explanations, FAQs, and analysis may be reused with attribution and a visible link back to the canonical URL below. Patent abstracts and claims are USPTO public domain.

Cite as: Patentable. “Compression and homomorphic encryption in secure query and analytics” (US-11290252). https://patentable.app/patents/US-11290252

© 2026 Nomic Interactive Technology LLC. Machine-readable context available at /api/llm-context/US-11290252. See llms.txt for full attribution policy.